//===============================================================================
// Microsoft Architecture Strategy Team
// LitwareHR - SaaS Sample Application
//===============================================================================
// Copyright  Microsoft Corporation.  All rights reserved.
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY
// OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
// FITNESS FOR A PARTICULAR PURPOSE.
//===============================================================================
// The example companies, organizations, products, domain names,
// e-mail addresses, logos, people, places, and events depicted
// herein are fictitious.  No association with any real company,
// organization, product, domain name, email address, logo, person,
// places, or events is intended or should be inferred.
//===============================================================================



using System;
using System.Collections.Generic;
using System.Text;
using System.Web.Security;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using Shp.Runtime.Services;
using Shp.Runtime.Contract;

namespace Shp.Security.BrokeredReceiver.CustomProviders
{
    public class CustomUserNamePasswordValidator : UserNamePasswordValidator
    {
        /// <summary>
        /// Validates the specified username and password.
        /// </summary>
        /// <param name="userName">The username to validate.</param>
        /// <param name="password">The password to validate.</param>
        public override void Validate(string userName, string password)
        {
            if (null == userName)                 
                throw new ArgumentNullException("userName");
            if (null == password)
                throw new ArgumentNullException("password");

            Upn upn = new Upn(userName);
            if (AuthenticationLogic.ValidateUser(upn, password))
            {
                return;
            }

            throw new SecurityTokenException("Unknown Username or Incorrect Password");
        }
    }
}
